openSUSE-SU-2012:1215-1 -- Suse chromiumID: oval:org.secpod.oval:def:400403 | Date: (C)2012-12-31 (M)2022-06-24 |
Class: PATCH | Family: unix |
Chromium was updated to 21.0.1180.88 to fix various bugs and security issues. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix. - [$500] [121347<https://code.google.com/p/chromium/issues/detail?id= 121347>] Medium CVE-2012-2865: Out-of-bounds read in line breaking. Credit to miaubiz. - [$1000] [134897<https://code.google.com/p/chromium/issues/detail?id= 134897>] High CVE-2012-2866: Bad cast with run-ins. Credit to miaubiz. - [135485 <https://code.google.com/p/chromium/issues/detail?id=135485> ] Low CVE-2012-2867: Browser crash with SPDY. - [$500] [136881<https://code.google.com/p/chromium/issues/detail?id= 136881>] Medium CVE-2012-2868: Race condition with workers and XHR. Credit to miaubiz. - [137778 <https://code.google.com/p/chromium/issues/detail?id=137778> ] High CVE-2012-2869: Avoid stale buffer in URL loading. Credit to Fermin Serna of the Google Security Team. - [138672 <https://code.google.com/p/chromium/issues/detail?id=138672> ] [ 140368 <https://code.google.com/p/chromium/issues/detail?id=140368> ] LowCVE-2012-2870: Lower severity memory management issues in XPath. Credit to Nicolas Gregoire. - [$1000] [138673<https://code.google.com/p/chromium/issues/detail?id= 138673>] High CVE-2012-2871: Bad cast in XSL transforms. Credit to Nicolas Gregoire. - [$500] [142956<https://code.google.com/p/chromium/issues/detail?id= 142956>] Medium CVE-2012-2872: XSS in SSL interstitial. Credit to Emmanuel Bronshtein.